Talk about embarrassing: Thanks to a tiny error, Microsoft’s security tools removed Chrome from almost 3,000 folks’ computers.
We generally trust anti-virus software to keep our computers safe for us, working quietly in the background while we go about our daily work/web-surfing/gaming activities. That said, what happens when the latest security update labels a legit program a risk and automatically removes it? A number of people learned the result today, since Microsoft’s security tools started removing Google Chrome from computers and preventing the re-installation, claiming the program was a “severe threat.”
It turns out that Chrome was being removed because Microsoft’s security tools on PCs running Windows were identifying it as a variant of the infamous Zeus (“Zbot”) family of viruses. A number of Chrome users noted the problem, but this particular one identified the specific versions involved:
Security Essentials Version: 2.1.1116.0
Antimalware Client Version: 3.0.8402.0
Engine Version: 1.1.7702.0
Antivirus definition: 1.113.656.0
Antispyware definition: 1.113.656.0
This whole situation was pretty bizarre, especially since Microsoft Security Essentials wasn’t the only thing that wound up having problems with Chrome’s presence. It was also revealed that Microsoft Forefront Endpoint Protection was nuking Chrome from orbit; this isn’t too surprising, since both use the same anti-malware system.
Microsoft wound up scrambling to resolve the situation as quickly as possible. The company made a post on its official Malware Protection Center’s Facebook page:
“On September 30th, 2011, an incorrect detection for PWS:Win32/Zbot was identified and as a result, Google Chrome was inadvertently blocked and in some cases removed from customers’ PCs. We have already fixed the issue — we released an updated signature (1.113.672.0) at 9:57 am PDT — but approximately 3,000 customers were impacted. Affected customers should manually update Microsoft Security Essentials (MSE) with the latest signatures. To do this, simply launch MSE, go to the update tab and click the Update button, and then reinstall Google Chrome. We apologize for the inconvenience this may have caused our customers.”
Thankfully this was a pretty easy situation to resolve, as re-installing Chrome is free and only takes a moment or two. Still, it’s a little scary that such a widely-used program could be identified as a threat that had to be removed thanks to such a small error.